two NICs - one for management, one for primary network...both vlan networks on a trunk. RDP does not work.

two NICs - one for management, one for primary network...both vlan networks on a trunk. Having multiple gateways on Windows is frowned upon. We only need RDP to work on the management NIC. Currently, the primary network has the default gateway and the management NIC does not have a default gateway. All traffic is routed through the primary interface. This is the configuration on 13 virtual machines (VMWare).
* I can tracert to the management IP of the domain controller
* I can ping other management IPs
* Currently we only have 2 other windows machines. However, they are only configured with one IP/NIC. The management network is configured with the NIC and these domain controllers are accessible via RDP.
* The server in question is accessible via RDP when I enter in the management default gateway on the management TCP/IP properties. When I remove the default gateway, the machine is no longer accessible via RDP (outside of the management network). I'm trying to access the machine from our internal network (firewall is allowing rdp/ssh traffic). So....management default gateway in place? I can connect from my workstation.
No management default gateway in place? I can only RDP to the server from another VM inside the management network.

A lot of info...let me know what you think.
faeadagbeeAsked:

JasonJonesCOCommented:
I assume you're trying to RDP to it from another machine that's on the management network? If not, you'd need a gateway on that interface to connect to it across vlan's.

This article mentions checking your NIC binding order. You might want to give that a shot

http://social.technet.microsoft.com/Forums/en/winserverTS/thread/a5078a7f-77c7-4810-8022-423de62aecf3

0
faeadagbeeAuthor Commented:
Great idea! I checked it out but that did not do the trick.
0
larry urbanDevOps EngineerCommented:
You will need a gateway on both NICs;

1) Add the gateway to the management network NIC.
2) Then go to the TCPIP advanced settings on that same NIC and set the Metric to 2.
3) Now go to the primary network's NIC and set the metric to 2.

This will cause the network traffic going out of your server to first try the primary gateway, if it does not find the route needed it will then try the management network. This also assures you do not mess up the route to the outside for the primary network.
0
JasonJonesCOCommented:
What OS is the server? Depending on the OS it might call it different things, but you can go into the Remote Desktop Configuration, then go to Properties and click on Network adapters. By default it binds to all NIC's, but you can specify the specific one you want. Maybe it's getting confused.
0
faeadagbeeAuthor Commented:
I added the gateway and modified the metric on each NIC to 2. We'll see how that goes.

It's Server 2008 R2. I've been in Remote Desktop config and tried to create a connection per NIC, but that was unsuccessful. The only thing that has worked is adding the default gateway on the management NIC, which creates two gw's on the server.

Can you recommend a good doc on metric settings Todar?

Thanks guys.
0
JasonJonesCOCommented:
I just realized I actually have some VM's with a public and private interface, so I may be able to test this. I'll get back with you in a bit and let you know if I see anything else we can do. It should work without setting a gateway on the 2nd interface.
0
larry urbanDevOps EngineerCommented:
Sorry, my fault, I fat fingered it ...SET THE PRIMARY NETWORK TO 1 and Management to 2.
0
faeadagbeeAuthor Commented:
Ok Jason
0
larry urbanDevOps EngineerCommented:
0
faeadagbeeAuthor Commented:
Thanks Todar
0
JasonJonesCOCommented:
So this just worked for me without a problem. Here's the configuration:

1 NIC with a public IP address (subnet mask, gateway, dns, etc)
2nd NIC with a private IP address (192.168.2.100, 24 bit subnet mask, no gateway, no DNS or WINS)

A second machine set up the exact same way. I was playing with some clustering stuff on these but never got around to actually clustering them.

Windows Firewall is completely off.

If you go into the Network and Sharing Center the Public NIC (that gets out to the Internet) shows as a Domain Network connection with Internet access

The Private NIC says it's on an Unidentified network on the public network. (See attached screenshot)

These machines are on the same ESX Host (I'm actually testing it within vCloud) and I've created a port group that contains their secondary NIC's. So there's no routing involved.

If you're set up this way, then it's probably a function of the network that's getting in the way. Or antivirus, firewall, etc.


nics.bmp
0
JasonJonesCOCommented:
Considering it works when you plug in the gateway address, it's probably your network dropping the traffic. In that case you need to follow Todar's suggestions :)
0
larry urbanDevOps EngineerCommented:
Well, since we haven't heard back from you in 24 hours, I guess this fixed your issue?
0
Rob WilliamsCommented:
Not only are multiple gateways frowned on, they don't work on a Windows based machine. The concept is as described with priorities set by metrics, but what actually happens is the lower priority gateway is only used if the primary gateway fails/is not available. When that happens it switches to the next gateway as it should, however it will never switch back unless you do a reset or reboot the server. Basically the concept is flawed and thus not recommended. The only way to properly configure is with a default gateway on one NIC and static routes assigned to the other. Keep in mind if you add a static route from A to B, you have to install a matching static route on B pointing to A, either on each machine or on the router that is the default gateway for network B.
0
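Added example, not part of the thread: one way to apply the layout from the answer above (default gateway on the primary NIC only, a static route on the management NIC) on Server 2008 R2, using WMI and the built-in `route.exe` from PowerShell. All addresses are constructed placeholders; the internal workstation subnet and the management gateway address are assumptions to replace with your own.

```powershell
# Constructed placeholder values: substitute your own addressing.
$MgmtNicIp   = '10.10.20.15'    # this server's management IP (assumption)
$MgmtGateway = '10.10.20.1'     # router on the management VLAN (assumption)
$AdminNet    = '10.10.50.0'     # internal subnet the RDP clients come from (assumption)
$AdminMask   = '255.255.255.0'

# Locate the management NIC by its IP address.
# Win32_NetworkAdapterConfiguration is available on PowerShell 2.0 / Server 2008 R2.
$nic = Get-WmiObject Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = TRUE' |
       Where-Object { $_.IPAddress -contains $MgmtNicIp }
if (-not $nic) { throw "No enabled adapter has address $MgmtNicIp" }

# The management NIC must not carry a default gateway; only the primary NIC does.
# Stop here rather than stacking a static route on top of a second default gateway.
if ($nic.DefaultIPGateway) {
    throw "Management NIC still has a default gateway: $($nic.DefaultIPGateway -join ', ')"
}

# Persistent (-p) static route: replies to the admin subnet leave through the
# management NIC, so RDP sessions arriving on that NIC get symmetric return traffic.
$ifIndex = $nic.InterfaceIndex
route.exe -p add $AdminNet mask $AdminMask $MgmtGateway metric 1 if $ifIndex
if ($LASTEXITCODE -ne 0) { throw 'route add failed' }

# Confirm the route is present in both the active and persistent route lists.
route.exe print -4

# The other side needs the matching route: the router that is the default
# gateway for the admin subnet must know how to reach the management subnet.
```

Everything not covered by the static route still follows the single default gateway on the primary NIC, so the management path carries only traffic for the subnet you named.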
faeadagbeeAuthor Commented:
Thanks!
0